I don't think it's the Client Context part that does it, its most likley the rest of SSL scanning that causes the apps to freak out.
You can create a URL.Destination.IP based rule to exclude these destinations if they have a documented range.
Actually I just tested it by Disabling of the option and it is worked.
But as far as it is, Most likely, the first step of SSL scanner, You might be right.
According to this article:
The question is how can I exclude these.
1. Telegram is not establishing its connection.
2. Magic Jack is not working with full features.
Note: It can be happen to many other applications which I don't know yet.
It would be very appreciable to give me the best way to excluding such APPs except using URL.DESTINATION.IP.